Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <#
- .SYNOPSIS
- This script will create users out of a csv file and creates home folders for them
- .DESCRIPTION
- The CSV file needs the following structure: Surname,GivenName,Username,Password
- .PARAMENTER filename
- The absolute path to the file
- .PARAMENTER ouname
- The name for the created OU
- .EXAMPLE
- aufgabe2.ps1 -filename "C:\students.csv" -ouname "students"
- #>
- #Parameters are fetched
- param
- (
- [string]$filename,
- [string]$ouName
- )
- function createOU{
- Write-Host $args
- [string]$name = $args
- if(Get-ADOrganizationalUnit -ErrorAction SilentlyContinue -Identity "OU= $args , DC= $DC , DC= $DCD"){
- write-host "Deleting old OU..." -ForegroundColor Red
- #Removing protection From Accidental Deletion
- Set-ADOrganizationalUnit -Identity "OU= $args , DC= $DC , DC= $DCD " -ProtectedFromAccidentalDeletion $false
- Remove-ADOrganizationalUnit -Recursive -Identity "OU= $args , DC= $DC , DC= $DCD " -Confirm:$false
- }
- New-ADOrganizationalUnit -Name $name -ProtectedFromAccidentalDeletion $false -Path "DC= $DC, DC= $DCD"
- }
- function getUsers{
- #Importing the CSV in a variable delimited by ","
- $users = Import-Csv $args[0] -Delimiter ","
- #The variable (array) is iterated and every object is send to the create user function
- foreach($user in $users){
- createUser $user
- }
- }
- function createUser{
- $username = $args.Username
- #Converting the password to a hash
- $password = $args.Password | ConvertTo-SecureString -AsPlainText -Force
- $fullName = $args.Surname + " " + $args.GivenName
- #Password will never expire -> for testing easiest way
- New-ADUser -Name $username -AccountPassword $password -PasswordNeverExpires 1 -HomeDirectory "C:\Homes\$username" -GivenName $fullName -Path "OU= $ouName , DC= $DC , DC= $DCD"
- #AD account must be enables
- Enable-ADAccount -Identity $username
- #Home folder will be created
- createHomeDir $username
- }
- function createHomeDir{
- #Fetching the username from args
- $username = $args[0]
- #Searching up the just created user
- $user = get-aduser -Filter {Name -eq "$username"}
- #Creates the folder
- if((Test-Path -Path "C:\Homes\$username") -eq $false){
- write-host "Creating folder for $username" -ForegroundColor Green
- #Creating the folder and piping the information to nirvana
- New-Item -Path "C:\Homes\" -name $username -ItemType Directory | Out-Null
- #Permissions for the folder
- $Rights = [System.Security.AccessControl.FileSystemRights]"FullControl"
- #Inheritation type
- $Inheritance = [System.Security.AccessControl.InheritanceFlags]::"ContainerInherit", "ObjectInherit"
- #Propagation type
- $Propagation = [System.Security.AccessControl.PropagationFlags]::None
- #The Access controll type, can be Allow or Deny
- $AC =[System.Security.AccessControl.AccessControlType]::Allow
- #Creating the new ACL-Object with the vars from above
- $NewACL = New-Object System.Security.AccessControl.FileSystemAccessRule ($username, $Rights, $Inheritance, $Propagation, $AC)
- #Fetching the current acl
- $ACL = Get-Acl -Path "C:\Homes\$username"
- $ACL.SetAccessRuleProtection($True, $False)
- #Adding the rule to the current ACL
- $ACL.SetAccessRule($NewACL)
- #ACL for SYSTEM
- $NewACL = New-Object System.Security.AccessControl.FileSystemAccessRule ("SYSTEM", $Rights, $Inheritance, $Propagation, $AC)
- $ACL.SetAccessRule($NewACL)
- #ACL for Administrator securtity group
- $NewACL = New-Object System.Security.AccessControl.FileSystemAccessRule ("Administrators", $Rights, $Inheritance, $Propagation, $AC)
- $ACL.SetAccessRule($NewACL)
- #Setting and applying the new ACL
- Set-Acl -Path "C:\Homes\$username" -AclObject $ACL
- #Mounting the Created folder as H:
- $homeDrive = "H:"
- $homeDir = '\\JACLO187AUTWI\$Homes\' + $username
- Set-ADUser -Identity $username -Replace @{HomeDirectory=$homeDir}
- Set-ADUser -Identity $username -Replace @{HomeDrive=$homeDrive}
- }
- }
- Function Get-FileName($initialDirectory)
- {
- #Open file dialog with applied .csv filter and
- $OpenFileDialog = New-Object System.Windows.Forms.OpenFileDialog
- $OpenFileDialog.initialDirectory = $initialDirectory
- $OpenFileDialog.filter = "CSV Files| *.csv"
- $OpenFileDialog.ShowDialog() | Out-Null
- $OpenFileDialog.filename
- }
- clear
- #requires -Version 2
- $ErrorActionPreference = 'SilentlyContinue'
- #Setting the Domain Controller ass global variable
- $DC = "JACLO187"
- $DCD = "lam"
- #Starting script
- if(!$ouname){
- Write-Host "Choose your OU name. Existing OUs will be overridden!" -ForegroundColor red
- $ouName = Read-Host -Prompt "OU Name"
- }
- if(!$filename){
- Write-Host "Choose your CSV file." -ForegroundColor red
- $filename = Get-FileName("C:")
- }
- createOU $ouName
- getUsers $filename
- #Resets this variable so other scripts wont be affected
- $ErrorActionPreference = 'Continue'
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement